Hack The Box – Marshal in the Middle (Forensics Challenge)

The security team was alerted to suspicious network activity from a production web server. Can you determine if any data was stolen and what it was? This is a nice network forensics exercise involving encrypted traffic and data exfiltration. In addition to the usual PCAP we are also given a selection of logs from Zeek […]

Hack The Box – Keep Tryin’ (Forensics Challenge)

This packet capture seems to show some suspicious traffic. All that is provided for this challenge is a small PCAP, and the observation that it contains “some suspicious traffic”. Let’s go! Opening the PCAP in Wireshark we find that it only contains 26 packets. The first thing my eye was drawn to was the DNS […]

Hack The Box – Took the Byte (Forensics Challenge)

Someone took my bytes! Can you recover my password for me? This time all we are given is a single file named password, which is identified simply as data. Examining it in a hex editor doesn’t give many more clues. I began thinking that the data might be encrypted somehow, and threw it into CyberChef. […]

Hack The Box – Illumination (Forensics Challenge)

A Junior Developer just switched to a new source control platform. Can you find the secret token? There isn’t much to this challenge. We are given an archive containing some source code and the associated .git directory. Entering into the .git directory… …and reading the Git logs… git log …we can see that commit 47241a47f62ada864ec74bd6dedc4d33f4374699 […]

Hack The Box – MarketDump (Forensics Challenge)

We have got informed that a hacker managed to get into our internal network after pivoting through the web platform that runs in public internet. He managed to bypass our small product stocks logging platform and then he got our customer database file. We believe that only one of our customers was targeted. Can you […]